Merge pull request #10609 from tobiasd/20210816-10514
Issue 10514: add TLS check to the installer
This commit is contained in:
Hypolite Petovan
GitHub
@@ -129,6 +129,10 @@ class Installer
|
||||
$returnVal = false;
|
||||
}
|
||||
|
||||
if (!$this->checkTLS()) {
|
||||
$returnVal = false;
|
||||
}
|
||||
|
||||
if (!$this->checkKeys()) {
|
||||
$returnVal = false;
|
||||
}
|
||||
@@ -580,6 +584,38 @@ class Installer
|
||||
return $status;
|
||||
}
|
||||
|
||||
/**
|
||||
* TLS Check
|
||||
*
|
||||
* Tries to determine whether the connection to the server is secured
|
||||
* by TLS or not. If not the user will be warned that it is higly
|
||||
* encuraged to use TLS.
|
||||
*
|
||||
* @return bool (true) as TLS is not mandatory
|
||||
*/
|
||||
public function checkTLS()
|
||||
{
|
||||
$tls = false;
|
||||
|
||||
if (isset($_SERVER['HTTPS'])) {
|
||||
if (($_SERVER['HTTPS'] == 1) || ($_SERVER['HTTPS'] == 'on')) {
|
||||
$tls = true;
|
||||
}
|
||||
}
|
||||
|
||||
if (!$tls) {
|
||||
$help = DI::l10n()->t('The detection of TLS to secure the communication between the browser and the new Friendica server failed.');
|
||||
$help .= ' ' . DI::l10n()->t('It is highly encouraged to use Friendica only over a secure connection as sensitive information like passwords will be transmitted.');
|
||||
$help .= ' ' . DI::l10n()->t('Please ensure that the connection to the server is secure.');
|
||||
$this->addCheck(DI::l10n()->t('No TLS detected'), $tls, false, $help);
|
||||
} else {
|
||||
$this->addCheck(DI::l10n()->t('TLS detected'), $tls, false, '');
|
||||
}
|
||||
|
||||
// TLS is not required
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* Imagick Check
|
||||
*
|
||||
|
||||
Reference in New Issue
Block a user